SANS ISC InfoSec Forums

There is a recent spike in TCP port 8443 http://isc.sans.org/port_details.php?port=8443. Any one have any details on what this traffic might be? Packets with payload would be great!

Update:Many readers have written in commenting on what products use this TCP port. This is a pretty sizable spike. It ispossible that there is some new exploit or scanning tool being used. That is what I am looking for evidence of.

Okay we have a good handle on the products using port 8443:ePOSome web portal softwareAlternate ssl portWeb app backend productsA backup package

The question still remains: what is the cause of the spike? It is legitimate traffic or malicious?